[kictanet] Why are lots of .go.ke websites not https://?

felista wangari fwwangari03 at gmail.com
Fri Nov 19 10:29:39 EAT 2021


Hi Listers,

I visit lots of Kenya government websites and I notice that a good number
are http:// (not secure)  rather than https:// (secure). Especially sites
where people are putting in their data for job applications and things like
that (I had started tracking, but abandoned that project).

This morning I'm getting lots of messages asking me if the Kazi Mtaani
portal http://kms.go.ke being launched this afternoon is legit. Young
Kenyans who want to apply are worried that it could be a malicious site
since it is not https://.

I'm explaining that yes, it is a legitimate government website (it has been
shared by various government officials) but that it didn't attend to
digital security, just like many other government agency sites.


Should we be having government websites collecting people's details using
http:// and not https:// in 2021?

How is the security protocol not baked in during the building of the sites?
- I wonder about this a lot.


Regards,
Felista Wangari
Incurably curious
Journalist/Editor (Health, gender, development, personal finance)
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <https://lists.kictanet.or.ke/pipermail/kictanet/attachments/20211119/42629d1a/attachment.htm>


More information about the KICTANet mailing list